cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Reverse Proxy - Apache vs SAP Web Dispatcher

Go to solution
former_member235185
Discoverer

on ‎02-20-2009 8:37 AM

0 Kudos

Hi,

my config consists in a portal (EP7.0 - DB/CI + AS) and an ECC system (ECC 6.0 - DB/CI + AS).

Web developments are based on Abap Web Dynpro and are also located on ECC.

To ensure load balancing there are 2 web dispatchers : one on EP DB/CI, one on ECC DB/CI.

Those 2 systems are located in intranet. Intranet access are realized via http.

Moreover I need to open this solution to internet. I need a component to filter access in DMZ and ensure reverse proxy + https functions.

Technical target chain links are depicted below.

internet access : browser (https) -

> (https) reverse proxy in DMZ (http) -

> IS (Portal/ECC)

intranet access : browser (http) -

> IS (portal/ECC)

At the moment two application gateway solutions have been identified :

  • Apache (MOD_PROXY + MOD_HTTPS) - My configuration is based on Linux

  • SAP Web Dispatcher ("cascading" implementation as described in OSS note 740234)

I'm looking for PROs and CONs of those 2 solutions and I'm also seeking for the impact of ensuring https encryption/decryption at the application gateway level ("a priori" this usage is not transparent in term of server sizing - CPU/memory, do I require to implement an SSL accelerator ?).

Regards.

Frederic.

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

hofmann
Active Contributor
‎02-20-2009 5:11 PM
0 Kudos

Hi,

PRO Webdispatcher:

- Supports SAP Java + ABAP

- Loadbalancing of SAP applications (stateful)

- Supports load balancing (saplb_* cookie)

- Free of costs

- easy to set up (up & running in 2 minutes)

- Supports HA solutions out-of-the-box (process HA)

- Filter + Rules to modify the requests

CONS Webdispatcher

- not a full reverse proxy

- Limited functionality

- one more server/solution (normaly, a company already does have a reverse proxy solution in place)

- limited user base (only SAP customers)

PRO Apache

- free

- widly in use

- full reverse proxy

- allows more complex filtering / rewriting

- can be used for more web solutions, reuse of existing apache reverse proxy

CONS Apache

- does not support SAP load balancing (connection to the message server port for load distribution)

- can be more complex to set up

- SAP specific technology / problems are more harder to fix (ABAP, Stateful connections, sap_lb*)

Short: both will server well as a reverse proxy.

Rule of thumb: If you go for Apache or Web Dispatcher should mainly depend on you current IT landscape. If you already do have an apache in use, use Apache. You already have the people / knowledge, try to foster it .

If you start from scratch and have SAP Logon Groups or many WebDynpro ABAP applications, go for the Web Dispatcher.

br,

Tobias

Show replies
Show replies
former_member235185
Discoverer
‎02-23-2009 9:16 AM
0 Kudos

Perfect !

Thanks Tobias for all those information !

I think we will go for Apache in DMZ with SSL termination and we will use web dispatcher in intranet to ensure load balancing.

We have estimated the capacity of our server in DMZ to verify/sign SSL message via the "openssl speed" integrated command.

Regards.

Frederic.

Former Member
‎08-27-2009 7:45 AM
0 Kudos

SDN,

Please can anyone share how to configure the reverse proxy.

Regards

Ravi

Former Member
‎11-20-2009 8:32 AM
0 Kudos

Hello,

I'm in a similar situation, and we must design our SAP web load balancing architecture, preferably based on apache reverse proxy approach.

Can you explain me the stament "Apache does not support SAP load balancing (connection to the message server port for load distribution)"?

As I know, we should be able to configure apache to manage SAP's load balancing information, of course if SAP message server provides the required info.

I found some info on how to ask the message server for the available sap servers:

http://<message_server_host>:<message_server_port>/msgserver/text/logon

But I didn't have the chance to continue investigation on how to ask the message server for the required server load and state info, directly through http, using the operating system level command "lgtst", or any other available option. Did anybody research on this way? Any valuable info?

Anyway, if the message server doesn't finally provide the required info to third party components, we shoudn't declare that Apache doesn't support SAP load balancing, just that SAP doesn't make possible this kind of "integration" with non sap load balancing products.

Yours,

Joseba M. Iturbe

Answers (1)

Answers (1)

former_member206159
Active Contributor
‎02-20-2009 8:53 AM
0 Kudos

Hi,

Did you checked the reverse proxy series by Alon Weinstein. If not have a look into this.

Below are some of the forums that discussed about this.

Hope it helps you.

Raghu

Show replies
Show replies
former_member235185
Discoverer
‎02-20-2009 9:01 AM
0 Kudos

Hi

I have already checked all those links.

No information regarding PROs and CONs.

Regards.

Frederic.

Ask a Question